<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=127469634355496&amp;ev=PageView&amp;noscript=1">
Let's Talk

Let's Talk

4 Things to Know About GDPR and Why It Matters to HR
Blog Feature Subscribe
Arnaud Gouachon

By: Arnaud Gouachon on March 13th, 2017

Print/Save as PDF

4 Things to Know About GDPR and Why It Matters to HR

Compliance and Security

Est. Read Time: 3 min.

 In May 2018, the EU will implement its new data privacy regulation, called General Data Protection Regulation, or GDPR. This new regulation will have major implications for any company with employees residing in the European Economic Area, regardless of the employees citizenships. The GDPR enhances data protection for employees and carries substantial penalties for non-compliance. The May 2018 compliance deadline is on the horizon and it’s important for companies to understand the GDPR’s impact on their HR departments practices.


The requirements under GDPR are expansive and compliance will call for a concentration of time, effort, and resources from HR departments at affected companies. We’ve outlined the top 4 most important things to know about the GDPR and how it could affect your company.

 

EU GDPR and HR.png1. All companies with EU-based employees will be affected.

Even if the company is not established in Europe, any company with employees residing in the European Economic Area must comply with the GDPR. Additionally, third party vendors that process employee personal data (i.e. processors) pursuant to a contract with these companies (controllers) must also comply.

 

2. The GDPR guides a wide range of data privacy processes.

These extensive requirements will affect organizational and procedural changes within the impacted companies. The GDPR rules cover data processes that span from international transfers of employee data and security measures to employee rights concerning their data and how data is controlled and processed.

 

3. The GDPR establishes a large number of new rules.

Because the GDPR introduces a considerable amount of new information and regulations, HR departments will need time and resources to account for each new compliance area. Some of the biggest changes include expanded security breach measures and definitions of personal data, extended employee rights, and potential personnel changes, such as the appointment of a Data Protection Officer.

 

4. Non-compliance is costly.

Once the GDPR goes into effect on May 25, 2018, companies who are non-compliant will face massive penalties. Fines can be as high as 20,000,000 EUR, or up to 4% of a company’s annual global revenue. In addition, employees will be able to take legal action against, and claim damages from, both employers and their third party vendors.

 

To meet the GDPR requirements, we recommend starting the compliance process as soon as possible. Learn more about GDPR and how you can be prepared for the 2018 deadline!
View our On-Demand GDPR Webinar with Top Global Data Privacy Lawyers
View our On-Demand GDPR Webinar with Top Global Data Privacy Lawyers

You May Also Be Interested In:

What is the CCPA and what does HR need to know?

The California Consumer Privacy Act (CCPA), intended to protect the privacy of California residents, is having a ripple effect across the United States. Originally designed to give California consumers new rights, the definition of “consumer” in the Act is so broad that your workforce data may also be affected. If you're an employer who may be impacted by the CCPA, here are 5 actions you can consider before the new privacy law goes into effect on January 1, 2020.

Read More

What impact could a no-deal Brexit have on employee data?

Last week, Theresa May’s Brexit plan was defeated, leaving United Kingdom employers (along with the rest of the world) with a number of questions. One primary concern: maintaining compliance with the General Data Protection Regulation (GDPR) if the UK leaves the European Union before a deal is in place. While a lot remains unclear, here are three things to be aware of when preparing employee data for a no-deal Brexit.  

Read More

Improving your HR data collection practices

It seems like every week there is a news blast on how data has been misunderstood, misused or abused. From Cambridge Analytica’s purposeful abuse of personal data to Strava’s unintentional reveal of military bases, 2018 has brought the consequences of personal data collection to the forefront. That said, it’s important not to forget that with proper use, personal data can have a huge, positive impact on your HR practices. Employers have used personal data to make better hiring decisions, help employees get healthy and address biases in the workplace.

Read More

What is the CCPA and what does HR need to know?
What impact could a no-deal Brexit have on employee data?
Improving your HR data collection practices

About Arnaud Gouachon

Arnaud leads PeopleDoc's global legal and compliance organization, bringing over 10 years of legal experience. Prior to joining PeopleDoc, Arnaud was Vice President and General Counsel for Transdev On Demand, Inc., a subsidiary of Veolia Environnement group, where his focus was on US commercial contracts, corporate law, compliance and employment law. He has two Masters degrees in law from Northwestern University in the US and Paris XII University in France, as well as a Certificate of Business Administration from Instituto de Empresa in Madrid, Spain. He is a member of the New York Bar.